﻿using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;

namespace Assignment2_OrderSystem
{
    public partial class Login : System.Web.UI.Page
    {
        List<string> m_lSQandAnswer = new List<string>();
        protected void Page_Load(object sender, EventArgs e)
        {
            if (Request.QueryString.Count > 0 && Request.QueryString["WriteSecurityQuestion"] == "true")
            {
                loginMain.Attributes.CssStyle.Value = "display: none;";
                loginQuestionDisplay.Attributes.CssStyle.Value = "display: inline;";
                string username = Request.QueryString["Username"].ToString();
                m_lSQandAnswer = SQLAdapter.GetSQandAnswer(username);
                tdSQ.InnerHtml = m_lSQandAnswer[0];
            }
        }
        protected void btnSignin_Click(object sender, EventArgs e)
        {
            try
            {
                string sUsername = txtSubmitUser.Value;
                string sPassword = txtSubmitPass.Value;
                int iClientID = SQLAdapter.VerifyUser(sUsername, sPassword);
                if (iClientID != -1)
                {
                    string sPath = "Home.aspx?SignedUser=true&Username=" + sUsername + "&ClientID=" + iClientID;
                    Response.Redirect(sPath, false);
                }
                else
                {
                    divErrorCredentials.Attributes.CssStyle.Value = "display: block;";
                }
            }
            catch (Exception ex)
            {
                Response.Write(ex.Message);
            }
        }
        protected void BtnConfirmAns_Click(object sender, EventArgs e)
        {
            if (CustomValidator_txtAnsInput.IsValid == true && txtAnsInput.Value.Length > 0)
            {
                try
                {
                    string username = Request.QueryString["Username"].ToString();
                    string password = SQLAdapter.GetPassword(username);
                    lblPassword.InnerHtml = password;
                    BtnConfirmAns.Enabled = false;
                    tdBackToLogin.Attributes.CssStyle.Value = "display: inline;";
                    tdPassword.Attributes.CssStyle.Value = "display: inline;";
                }
                catch (Exception ex)
                {
                    Response.Write(ex.Message);
                }
            }
        }
        protected void btnUsernameAuth_Click(object sender, EventArgs e)
        {
            try
            {
                string username = txtUserAuth.Value;
                int clientID = SQLAdapter.CheckIfUsernameExists(username);
                if (clientID != -1)
                {
                    Response.Redirect("Login.aspx?WriteSecurityQuestion=true&Username=" + username, false);
                }
                else
                {
                    StringBuilder sb = new StringBuilder();
                    sb.Append("<script>");
                    sb.Append("alert('The username does not exists in the system.')");
                    sb.Append("</script>");
                    ClientScript.RegisterClientScriptBlock(GetType(), "alert", sb.ToString());
                }
            }
            catch (Exception ex)
            {
                Response.Write(ex.Message);
            }
        }
        protected void CustomValidator_txtAnsInput_ServerValidate(object source, ServerValidateEventArgs args)
        {
            string UserAnswer = args.Value;
            string CurrectAnswer = m_lSQandAnswer.ElementAt(1);
            if (String.Compare(UserAnswer, CurrectAnswer) == 0)
            {
                args.IsValid = true;
            }
            else
            {
                args.IsValid = false;
            }
        }
        protected void btnBackToLogin_Click(object sender, EventArgs e)
        {
            Response.Redirect("Login.aspx", false);
        }
    }
}